Skip to content

BlackLuny/WinIPTCollector

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits

APPExample

APPExample

 
 

APPExample_dll

APPExample_dll

 
 

WinIPTCollector

WinIPTCollector

 
 

config

config

 
 

libWinIPTCollector

libWinIPTCollector

 
 

libWinIPTCollector_dll

libWinIPTCollector_dll

 
 

share

share

 
 

tools

tools

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

WinIPTCollector.sln

WinIPTCollector.sln

 
 

Repository files navigation

WinIPTCollector

WinIPTCollector is a tool for collecting INTEL Processor Trace (IPT) package for any specific process and for specific virtual address ranges(ADDR_N) on Windows platform without Performace Monitor Interrupt(PMI). Such features are:

  1. Support CR3 filter, ADDR_N filter without PMI(that is no #BSOD#);
  2. Realtime data collecting and saving as files without package data losing;
  3. configurable(config.ini);

Please reference Intel manual for more about Intel Processor trace technology.

Want to try?

Step 1:

Download Release

Step 2:

Install and start the driver "WinIPTCollector.sys";

Step 3:

   APPExample.exe [Process name] [output path director]

such as:

   APPExample.exe notepad.exe d:\

Step 4:

Waiting until you pressing 'Ctrl+C' to cancle collecting.

Thanks

cheat-engine ini-parser BlackBone

About

Intel Processor Trace package collector for Windows

Topics

reverse-engineering debug performance-tuning kernel-driver processor-trace tracer

Resources

Readme
Activity

Stars

15 stars

Watchers

5 watching

Forks

8 forks
Report repository

Releases 1

WinIPTCollectorV0.1Release Latest
Jun 10, 2020

Packages

No packages published

Languages